Election Systems RFPs

Does your jurisdiction need new a new voting system? The quality and cost of a system will be in heavily influenced by your written Request for Proposals (RFP), which spells out the requirements your vendors must meet. The essential elements are:

Collecting input from stakeholders

Understanding and following expert recommendations and best practices

Incorporating lessons learned from current voting systems

Understanding changes since the last voting system procurement

Specific recommendations are centered and printed in italic bold type.

The RFP put out in 2016 by Travis County, Texas models most of the recommendations given in this document. Furthermore, Travis County is inviting any American election jurisdiction to collaborate and pool resources to bring down the cost of purchasing, and avoid vendor lock-in for maintenance of, the next generation of election technology. More information is available in the STAR-Vote Statement of Intent.

Before embarking on an independent procurement effort, investigate the possibility of joining the Travis County effort, or working with other innovators such as such as Los Angeles County or the City and County of San Francisco.

Stakeholder Input

A voting system will have to meet the needs of a wide variety of citizens. Solicit input from stakeholders as part of the RFP-drafting process, including:

Voters with disabilities

Elderly voters

Voters with limited English proficiency

Poll workers

County Board of Elections staff

New citizens

Organizations particularly concerned with voting, such as the Advancement Project, League of Women Voters, and political parties.

Expert Recommendations

Integrity of the Vote

How can we ensure fair elections? The consensus of the scientific and engineering community is that fair elections are ensured when voting technology is verifiable, accurate, secure and transparent—sometimes called the “VAST mandate.”

The VAST mandate states that a voting system must be:

Verifiable: there are mechanisms and accountability loops to provide for routine audits of the system, risk limiting audits of any election conducted through that system, as well as reliable means to provide for recounts and measures of voter intent;

Accurate: there are verifiable means to ensure that ballots are counted as cast;

Secure: to the greatest extent possible (since security can never be guaranteed) the system has the least possible vulnerability to negligent or malicious manipulation or compromise of performance; and

Transparent: the system, any devices comprising that system, as well as data produced by the system are available for independent unfettered inspection and analysis down to a source code and firmware level (with the caveat that the voter privacy must be protected).

Enunciate the principles of the VAST mandate in the RFP and require vendors to address each of them.

COTS Hardware

Experts in the field of election technology recognize that the world is shifting dramatically away from the specialized hardware purchased by most counties after the turn of the millennium toward commercially-available off-the-shelf (COTS) hardware. For example, the PCEA recommends that the next wave of voting technology should be “widely available, off-the-shelf technologies and ‘software-only’ solutions…. For cash-strapped jurisdictions that wish to keep pace with evolving technology, the purchase of hundreds of expensive, specialized pieces of hardware good for only one purpose—elections—no longer makes sense.”

Consider requiring—or at least permitting—COTS hardware in your RFP.

Open Source Software

Professionally developed and curated open source (also called “publicly owned”) software has many advantages for government technology, for reasons detailed in the recommendations of the Center for a New American Security for the Department of Defense. For elections in particular, open source is “widely considered the best defense to voter fraud with the added benefits of cost savings and flexibility.”

Consider requiring open source software and design in your RFP.

Cyber Risk

In an era where banks lose billions of dollars per year to cyberfraud in order to let consumers shop easily online, election administrators have precious few resources and yet face great pressure to provide a voting experience as convenient as shopping. And the 2016 election made clear that there are persistent cyber-threats against our democracy.

Work with cyber risk and resilience experts to include enforceable language in the RFP that will ensure the ability to protect elections from cyber attack. At a minimum, insist that vendors comply with the NIST Risk Management Framework.

Open Data

The PCEA recommends:

Audits of voting equipment must be conducted after each election, as part of a comprehensive audit program, and data concerning machine performance must be publicly disclosed in a common data format.

The PCEA recommends further that:

Local jurisdictions should gather and report voting-related transaction data for the purpose of improving the voter experience.

Both of these recommendations require the Board of Elections be able to control data collected by the voting system. In the past, many contracts did not require vendors to release all data to the Board of Elections.

The RFP should specify that all data created by the voting system should be owned solely by the Board of Elections, and should be available (without assistance from the vendor or any third party) in unencrypted, easily exportable and easily interpreted form.

Individual election jurisdictions have developed their individual mechanisms in the 20th Century for making election data public. The next step toward a 21st-century election system is national standards for data sharing and interoperability. Standards are under development in a project spearheaded by the IEEE 1622 Working Group, NIST, and the TrustTheVote Project with collaboration from Pew, the Voting Information Project, the Bipartisan Policy Center, and the Knight Foundation.

The RFP should require the election system to easily export election data in standard, machine-readable formats.

Usability

Stakeholder input can help identify the most common usability complaints for voters, poll workers, and Board of Elections staff in your jurisdiction. More generally, the Center for Civic Design has developed design recommendations for elections based on usability testing with voters and poll workers.

The RFP should require vendors to address usability of all aspects of the voting system.

Legislative Expectations

Election law evolves constantly. Governments often make laws in response to factors far removed from the technological concerns and constraints of local election administration offices.

Developments Since the Procurements in the Early 2000s

New Technology

Digital technology has evolved considerably since the currently dominant voting systems were originally developed. Evolution may be an understatement. In the past five years alone the market has brought forth three generations of touch screens. The legacy notions of “points and clicks” are giving way to “taps and swipes.” In the time since the three major voting systems were introduced, many consumers changed their mobile phones three times and their computing devices at least twice. But voting systems design in that time has not changed much at all, until very recently. There are developments worth watching in at least two large jurisdictions. According to the PCEA:

“From the frustrations of finding adequate voting equipment technology on the market, promising collaborations have arisen in communities such as Los Angeles County, California, and Travis County, Texas, that may inform the setting of standards for future technologies.”

Make use of planning documents and experiences of Travis County and LA County, as well as any other innovative jurisdictions, in the process of developing a voting system RFP.

New Vendors

Several new vendors have entered the voting systems market in recent years.

Take care not to rule out these new vendors and new systems in your RFP. For example, do not limit responses to vendors with systems currently in use in your state.

Certification Process

The Bipartisan Policy Center, working to implement the recommendations of the PCEA, has recommended changes to the federal certification process for voting technology.

The RFP should require vendors to comply with the new standards proposed by the Bipartisan Policy Center.

Lessons Learned

There is now more than a decade-worth of nationwide experience with electronic voting systems. The experiences of other jurisdictions provide a wealth of information about the operating costs of various types of election systems, as well as lessons learned. The last ten years have seen the development of various not-for-profit organizations collecting information about election systems, including Verified Voting, the Pew Foundation, OSET Foundation, and the Caltech-MIT Voting Technology Project.

Make use of the collective expertise of election jurisdictions and relevant not-for-profit organizations in the process of developing the RFP.

ABOUT US

We provide elections services and systems meeting the same reliability and security standards as the US federal government demands for national security. Our system designs and architecture are reviewed by the world's foremost experts in academia and industry. Our products are provably correct, secure, and open source.